ClawHub

Messages

Security checks across malware telemetry and agentic risk

Overview

This message-management skill is coherent, but it needs Review because it implies broad, ongoing access to private communications and behavioral profiles without clear permission or retention limits.

Install only if you are comfortable giving a messages assistant broad access to private email and chat data. Before use, require explicit approval for each connected channel, limit or disable sent-message voice profiling, exclude sensitive folders or contacts, and confirm how stored message history, relationship profiles, and behavior summaries can be reviewed and deleted.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill is designed to access and consolidate highly sensitive communications across email, chat, and other channels, yet the description does not clearly warn users about the breadth of data access required. This is dangerous because users may authorize the skill without understanding it can read private, business, and personal messages across multiple platforms, increasing privacy, confidentiality, and data aggregation risk.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The skill explicitly states that it reads historical sent messages to mimic the user's writing style, but the description omits a clear warning that prior outbound communications will be analyzed. This creates meaningful privacy and security risk because sent messages may contain confidential business information, personal details, legal discussions, or sensitive relationship context that users may not expect to be mined for behavioral profiling.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill monitors long-term communication behavior such as ignored senders, archive habits, response timing, and relationship activity, but does not clearly warn users that behavioral profiling is occurring. This is dangerous because ongoing monitoring can reveal sensitive work patterns, priorities, interpersonal relationships, and availability habits, creating surveillance and misuse risks if exposed or repurposed.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal